1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
/*
Question2Answer by Gideon Greenspan and contributors
http://www.question2answer.org/
File: qa-include/qa-ajax-click-pm.php
Description: Server-side response to Ajax single clicks on private messages
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR.'app/messages.php';
require_once QA_INCLUDE_DIR.'app/users.php';
require_once QA_INCLUDE_DIR.'app/cookies.php';
require_once QA_INCLUDE_DIR.'db/selects.php';
$loginUserId = qa_get_logged_in_userid();
$loginUserHandle = qa_get_logged_in_handle();
$fromhandle = qa_post_text('handle');
$start = (int) qa_post_text('start');
$box = qa_post_text('box');
$pagesize = qa_opt('page_size_pms');
if ( !isset($loginUserId) || $loginUserHandle !== $fromhandle || !in_array($box, array('inbox', 'outbox')) ) {
echo "QA_AJAX_RESPONSE\n0\n";
return;
}
$func = 'qa_db_messages_'.$box.'_selectspec';
$pmSpec = $func('private', $loginUserId, true, $start, $pagesize);
$userMessages = qa_db_select_with_pending($pmSpec);
foreach ($userMessages as $message) {
if (qa_clicked('m'.$message['messageid'].'_dodelete')) {
if (qa_check_form_security_code('pm-'.$fromhandle, qa_post_text('code'))) {
qa_pm_delete($loginUserId, qa_get_logged_in_handle(), qa_cookie_get(), $message, $box);
echo "QA_AJAX_RESPONSE\n1\n";
return;
}
}
}
echo "QA_AJAX_RESPONSE\n0\n";